Mike Cole :: Blog

Remote Interview Tips

2019-02-19T00:00:00+00:00

I'm giving a presentation to college students in a few days on tips for remote interviews, and thought I'd share the slides. As an aside, slides.com is awesome and worth the $5/mo subscription.

Incremental React Adoption in ASP.NET

2019-02-12T00:00:00+00:00

In a few projects I've taken on lately, the client has stated their desire to modernize their system. In both cases we were dealing with ASP.NET WebForms applications that have been around for years. Both systems worked great and there was no justification for a rewrite, although the architectural parts of the systems left something to be desired. We wanted to minimize the creation of new WebForms code and focus on React.

In addition to using WebForms, the client also had dated DevOps practices. No build server, no build scripts – just Right Click => Publish. Although this is something we will focus on later, at this time they had a feature they wanted implemented, so that took precedence. I was worried about the client's ability to consistently handle the webpack part of things since they were generally pretty new to JavaScript in general. I wanted to make it as pain free as possible and not force them into practices with which they were not yet comfortable.

I'll summarize the steps taken that are outside the scope of this post: I upgraded to the latest version of .NET Framework, configured WebAPI in the project, added SimpleInjector for DI, added some test projects, created a Cake build script to properly package up the project for deployment including running unit tests, publishing to disk, managing npm, and building the React application. I quickly realized the WebForms Master Page had layers and layers of logic that I didn't want to unravel and apply to an MVC Layout, so new pages are going to be basic ASPX pages that contain the React targets.

My main goal was to enable them to easily adopt React without necessarily having to understand the complexities of npm or webpack. I wanted to automate that stuff as much as possible. Step 1 was to install the NPM Task Runner extension into Visual Studio. This would give us the ability to bind npm scripts to Visual Studio events. The goal was to bind our webpack dev build to run in watch mode when the project was loaded.

This is the project.json file in its entirety. You can see a few dependencies that I like to use, and a bunch of development dependencies for our build. We'll cover some of those later. Two things to note: the build scripts (one for dev and one for prod) and the -vs-binding section which instructs Visual Studio through NPM Task Runner to run the dev-build script when the project is loaded.

Now we'll look at three webpack files: the dev setup, the prod setup, and the common setup that is shared with dev and prod. I'm using the webpack-merge package to link them together.

The webpack.common.js file contains the base settings I want to use in both dev and prod. I have two SPAs defined: login and mass-update. It's a fairly generic webpack script other than the merging. The webpack.dev.js file merges in the webpack.common.js file, sets my development settings, and specifies to watch the content for changes which it will rebuild. The webpack.prod.js file is the production version which parses/compresses the compiles JS and sets an environment flag to production which I can test later in the project.

I am using both SPAs differently in the site. The mass-update app was a brand new feature, so it gets its own barebones aspx page and runs the show. The login app was an addition to an existing feature and is more of an applet that's bound to an existing page.

So far this setup has worked very well. We're able to develop new features using modern technologies in the existing codebase (albeit with some architectural improvements). We didn't have to do a costly rewrite which would have been completely unreasonable, and we're able to feel pretty good about working with React and WebAPI. We expect most of the new development will be done using our new platform, and we'll port over other sections when it makes sense.

Most companies have similar systems sitting around that they feel like they need to re-write to stay modern. If it works, it works, and if it's in no danger of becoming unsupported or incompatible then you don't need to rewrite it. Don't let consulting companies pressure you into a rewrite. I am available for hire as a strategic consultant, an architect, and/or a developer and I can help you make sense of your situation and plot a course of action. You can find my info at https://cole-consulting.net. Feel free to reach out if you find yourself in a similar situation and feel like you could use my services.

I Did My Job

2019-02-11T00:00:00+00:00

As software engineers, it's easy to get passionately invested in what we're doing. We spend hours analyzing and dwelling on the smallest ideas so it’s pretty natural to do. When you work on a team with other developers we need to be open to accepting their ideas and hopefully takes bits and pieces of everybody's suggestions to come up with the best solution possible at the time. But what do you do when somebody "pulls rank" on you and decides the way forward is something you deem sub-optimal? What if it’s a non-technical person that might not understand the ramifications of NOT implementing your solutions?

I read a blog post several years ago about being a professional, and what that means in terms of putting your foot down on certain decisions, and carefully identifying which hills we are willing to die on. For example, if somebody’s proposed database schema doesn’t match what you would do, who cares? But what if it’s something so blatantly wrong like mishandling of data or insecure financial transactions? The author of the blog post compared these situations to a chef. If service is bad or prices are high, is it really your responsibility to fix? But what if the restaurant pressures you to prepare meals faster than you are comfortable, resulting in food that isn’t completely cooked? Is it your responsibility as a chef to make sure that no undercooked chicken gets served? Absolutely.

I used to get so tied up in what the industry “rock stars” say (this is probably a blog post unto itself) and would get caught up in the new trendy thing. When starting a new project, I pressure the team to consider that latest hot tech: we obviously needed to replace SQL Server with RavenDB, ASP.NET MVC Razor with a JavaScript framework, web server with Azure, etc. I never really understood the ramifications to the company for making those types of choices. I’ve quit jobs because I felt the way we did things was outdated. I must have been a pleasure to work with.

A few years ago I was on a team with another dev that had previous management experience. I really liked working with him because he always brought a different perspective than what I was used to. He had the tech skills, but also the wisdom to back it up. We were implementing a new feature and highly recommended additional infrastructure to help with scalability. We got shot down by management in what seemed like a knee jerk decision at the time. It was probably a threat-level orange: not a security risk but definitely a performance risk. We both had worked hard and were very proud of our creative solution.

I was frustrated by the decision and felt pretty diminished as a contributor to the team. The other dev moreso because it was mostly his baby. He objected to the decision and provided backing information and warned of the possible ramifications. Then he said “Well, I did my job”. He wasn’t serving undercooked chicken, but the sides were burnt. I was impressed with his ability to let it go move on. I would have held a grudge.

I’ve been working as an independent freelancer for over year now, and my role on teams has changed. I’m hired for my experience and expertise on certain topics, but the clients don’t always use my recommendations for a variety of reasons. I can’t really blame them because my presence is temporary and they have to live with the ramifications. One client was dead set on using Kendo and jQuery, and I pushed hard for React. The client overruled and several months later we started converting everything from jQuery to Vue. I did my job. I’m currently dealing with another situation which is what prompted me to write this. I’m doing my job there, too.

Icons In Header Slot In Vuetify Data-Table

2018-07-20T00:00:00+00:00

We've been using Vuetify for a component framework in the Vue project we've been working on the past few months. It's a great framework and I highly recommend it, especially if you're trying to follow Material Design patterns. Today I ran into an issue customizing a grid header that was difficult to solve.

Here's the example on CodePen: https://codepen.io/mikecole/pen/zLNKbG

If you check the header of any column, you can see that I added a second v-icon that will eventually pop open a dropdown menu. However, when sorting the column Vuetify doesn't distinguish that column from the arrow sorting icon, and it spins both of them.

It turns out that there doesn't seem to be any options to disable this, and that the solution seems to be fixing it with stying:

Fixed example on CodePen: https://codepen.io/aldarund/pen/yqgVgy

Running A GitHub Pages Dev Environment On Windows

2018-02-04T00:00:00+00:00

Running a GitHub Pages development environment on your machine is essential for troubleshooting compilation issues and previewing your changes before deploying. It's always been an absolute headache to set this environment up on Windows, since it's running on Ruby which generally favors Not Windows. However, running on Bash On Ubuntu On Windows (that's a mouthful), this is pretty easy.

These instructions apply to Windows 10 64-bit, completely updated and patched. I say this because on earlier versions of Windows 10 it's considered "beta" and the installation instructions are different.

Step 1: Installing Windows Subsystem For Linux

In Windows, search for "Turn Windows features on or off". In that dialog, select "Windows Subsystem For Linux" and click OK. You should get a prompt to restart your machine; do this now.

Step 2: Installing and Configuring Ubuntu

This is pretty easy. Once Windows restarts, open the Windows Store, search for Ubuntu, and choose the Ubuntu app. Install Ubuntu from the Windows Store. After installation is complete, click Launch. This will initialize Ubuntu and prompt you to create credentials. These credentials do not have to match your Windows credentials.

Step 3: Configuring GitHub Pages Environment

At this point you are left with an Ubuntu Bash screen. I'm weird, so I usually close this screen, launch PowerShell, type bash, and hit enter. This runs Bash through PowerShell, which is a bit more familiar to me.

From here I generally follow the published instructions from GitHub for Setting up your GitHub Pages site locally with Jekyll. I'll summarize: I'm going to install Ruby with the following commands one-by-one:

And I'll verify with:

And then I'll install bundler:

Profit

We should have everything we need now to run the GitHub Pages dev environment on our machines. I already have a repo setup, so I'll clone that. I'll navigate to the root of my repo in Bash, and the first thing I'll do is install the dependencies using Bundler:

Now we're ready to start Jekyll. We'll start it in watch mode, so when we change site files it will detect and automatically compile the site. This will output the url we'll use to navigate to the site, which is typically http://127.0.0.1 It will also output any compile errors:

If you're working with simple sites, this might not even necessary since you can push right to a GitHub acceptance environment (blog post later on this...) and view the changes live. However, if you run into compilation issues or just want to view your changes before making public, this is the route you should take.

Becoming an Extroverted Introvert

2014-08-24T00:00:00+00:00

Developers have a nasty reputation of being basement-dwelling paste-eating social recluses. Our industry has taken a turn in recent years that encourages us to get away from teh codez and interact with other developers and business users, but many developers are still very introverted. I realized in the past week how introverted I actually am, and how much conflict it causes me in my career.

Here's a list of introvert symptoms that I have:

I prefer conversation over IM so I can properly process the message and my response. I've accidentally made too many commitments that I couldn't keep (estimates, workload, etc.) by getting caught off-guard face-to-face.
In social settings I am social but I prefer to observe the conversation instead of leading it.
I get distracted easily when there's too much stimulation in my work environment.
I need down time to recharge my battery and renew my enthusiasm.
I have a constantly running inner monologue.

One thing that has become apparent to me is that because introverts prefer to remove themselves from the limelight, they aren't recognized, celebrated, and rewarded as much as extroverts. General human nature craves recognition, so we're in a tough spot. I've been trying recently to find ways to become more of a conversationalist and a driving presence on teams instead of a passive observer. Here's a few ways I have tried doing this:

Find Comfortable Places to Be On the Stage

I did several user group presentations around eastern Iowa this summer and spoke at Iowa Code Camp a few weeks ago. I found this comfortable because I was in a "controlled" environment (techies, people like me) and I was presenting on a topic that I was very familiar with. I was able to focus on my presentation and delivery, and I learned a lot in the process.

We have a yearly BarCampCV event in Cedar Falls and I always try to do an impromptu presentation. This is a good venue for that because the sessions are only a half hour long and pretty laid back. If you can get through your introduction and opening, you're halfway done.

Take Advantage of Flexible Work Schedule

I decided to work from home regularly to limit my distractions. I'm more comfortable sitting in my dark basement working (didn't I just make fun of this?) than in a wide open office with lots of distractions. I'm also able to break up my day into a few 2-3 hour work sprints to keep energized. I'm a lot more productive after 8 PM than I am mid-day and I want to take advantage of that.

Be a Better Listener

When in the middle of a technical conversation, I get excited and regularly finish sentences for other people. That must be incredibly annoying and is something I need to work on. We should all strive to become better listeners, to treat all conversations as important, to try to determine unspoken messages and needs, and to better read and interpret body language.

Go Outside Your Usual Circle

When working on side projects I have a regular group that are generally involved. I wanted to get outside my comfort zone, so I inserted myself into a website redesign for Iowa Code Camp in an attempt to work with people that I haven't worked with before. I'm excited to see what makes them tick and to learn new lessons from them.

Go Outside Your Usual Self Improvement Methods

There's several services I use such as Stack Overflow, Pluralsight, and technical podcasts to try to keep up to date. I recent added a few audio books such as How to Win Friends & Influence People and The 7 Habits of Highly Effective People. I've already picked up several tips from How to Win Friends that is bringing noticeable change in how I interact. That's a win!

Outlier Developer - Job Jumping: 4 Tips for Today's Market

2014-05-28T00:00:00+00:00

I wrote a guest blog post for outlierdeveloper.com entitled Job Jumping: Four Tips for Today's Market. This post tries to summarize what I've done wrong that has led me on a turbulent path in my career. I encourage you to check out the rest of the content on that site, as well as Cory House's course on becoming an outlier developer on Pluralsight.

Summer 2014 Speaking Dates

2014-05-23T00:00:00+00:00

This year I decided to challenge myself to build myself up on items other than simply technology. One of those was building this blog, which I maintain so diligently *sarcasm*. Another was to push my comfort level with presentations. I'm lucky to work on a lot of different things so there's no shortage of topics I could explore. I decided that I'd like to eventually get to the point where I'm comfortable submitting to a larger regional conference. To do that, I need to build up more speaking experience so I booked several local talks and submitted the same presentation for consideration to Iowa Code Camp.

Info

Dates

Details

Title: Going The Extra Mile with Entity Framework Code First

Description: Entity Framework Code First is a breeze to get up and running, but are you taking advantage of some of the more advanced features? Are you getting caught up by common pitfalls? In this presentation, we'll review the history of Entity Framework and the status of the project. We'll cover some core functionality concepts and asynchronous queries. Mike will show how to use StructureMap to easily maintain the lifetime of the DataContext. We'll look at how we can leverage the Projection functionality of AutoMapper to easily write optimized queries. Finally, Mike will demonstrate EF Migrations and how you can tie it into your current continuous integration environment. This presentation assumes you have some knowledge of Entity Framework so we'll try to not get caught up in the basics.

Protect Yourself Online

2014-02-16T00:00:00+00:00

Another day, another security breach. Today Kickstarter announced that hackers obtained unauthorized access to customer data. No credit card information was taken apparently, but encrypted password were taken and sometimes that can be worse. I can probably speak for a segment of identity theft victims by saying I'm fairly sure they wish the damage inflicted was only a temporary trivial financial setback.

Here's What You're Probably Doing Wrong

Sharing Passwords

Remembering several different passwords is a hassle, so it's usually easiest to share the same password amongst several accounts. Even if you have different variations (MyP@ssword1, MyP@ssword2, MyP@ssword3, etc.) this is a horrible idea. If one online service is compromised then hackers might obtain access to several of your accounts. To make it worse, many login names now simply use the email address. Did you use the same password with your Kickstarter account that you use with your email account? Is your Kickstarter username whatever@gmail.com? See where I'm going?

It gets even worse when you share passwords between work and personal systems. Sign up for some podunky online service that used terrible security practices and get hacked? Now some shady people might possibly have your work webmail password, your CRM system password, your website administrator password, or even your VPN password. You can probably expect some classy porn pics smack dab on your company's website.

Simple Passwords

Today's computers are incredibly powerful so encryption today doesn't mean what it once did. Have a password with only one special character, one uppercase letter, and one number? Good luck with that.

Never Changing Passwords

When I first started following better security practices, I noticed that my Gmail password hadn't changed since I created it several years ago. That's ridiculous. It wasn't a complex password, either. I was really lucky that no harm came from that. There's an upcoming story of somebody that wasn't so lucky.

The Most Hated Man On The Internet - A Case Study On Reckless Web Usage

Several months ago I noticed a link on my Twitter feed with the title "Most Hated Man On The Internet." Thinking sombody was talking about me, I clicked the link and read a story that made me sick. Here's a link: Hunter Moore: The Most Hated Man on the Internet

tl;dr version: A young adult female didn't use common sense and had a nude picture of herself saved in her email. Somehow (she presumably followed some of the bad habits listed above) her email account was compromised and the picture appeared on a Revenge Porn website along with her name, address, link to her Facebook profile, and employer information. How would you like it if this was you or a family member?

Conventional Online Wisdom No Longer Applies

How can you protect yourself? Here's a few guidelines you can follow:

Keep Informed

I am not an expert and this blog post should only be considered a call to action instead of a definitive guide. Find an expert online and follow their lead. My expert of choice is Troy Hunt. Follow him on Twitter, read his blog, and do what he says. A lot of the stuff he explains on his blog is confusing even to an IT professional like me, but if you can gleam a general understanding of what he's talking about then you will be better off.

Use Common Sense

As mentioned in the story above, a person saved a nude picture of herself on her webmail account. Come on. Everything you put on the web is public information and you can never get rid of it. Everything you say, everything you post on Twitter, every email you send is now fair game. Post wisely.

Use Password Management Software

This is a big one and it's probably going to cost you a little money. The best case scenario with password complexity is having a password so complex that there's no way you can possibly memorize it. All of my passwords are similar to the following: *8=48t9+7[63Y3>]:76/#z%$4Q@G&T97i)(.3}2?4296C,2o^D. Got that? And no, they are not written on a piece of paper taped to my monitor.

There are a lot of password managers out there that claim to be the most secure, but how can you be sure? Following the recommendation of expert Troy Hunt, I use 1Password. It was a little tough swallowing the fact that I was going to have to drop some hard earned cash on it, but it has several great features, was highly recommended, and has mobile apps. The Windows version is a little rough at the moment but a new version is going to be released soon. I was told that if I bought now that I would obtain the new version when it was released, but I would urge you to contact their support and get the same assurance personally. I'm not going to go into the features and how I use it as their documentation is superb. Try their 30 day trial; you won't want to stop using it.

Also, since you probably are maintaining 3,754 work passwords, I don't think it's out of the realm of possibility for you to suggest to your employer that they pick up the tab on password management software. After all, they probably have more to lose from a data breach than you do.

Here are some other recommendations I routinely hear mentioned:

Don't Trust Password Strength Meters

If you use password management software like I recommended above, this is probably a moot point because you're presumably generating very complex passwords. If you're not, you shouldn't put your trust in those little funky gauges telling you that your password is secure enough in their opinion. Would you trust a random stranger to analyze your home security?

Use haveibeenpwned.com

Use it. Love it. Sign up for notifications. Tell your employer to sign up for domain wide notifications. And thank Troy Hunt on Twitter for building it and making it available for free.

Use Credit Cards Only Online

Do not use debit cards online. They do not provide the level of support and protection as the big credit card companies. Do research on the credit card you use and ensure they have ample safeguards against stolen credit card numbers.

Demand Safe Practices

After I started using a password manager I was surprised at the number of websites that limit the max character length of passwords to anything below 50 characters. The developer in me questions their password hashing process if they care about password length. If you run into this on a company's website, push the issue publicly on Twitter.

Some websites even limit the special characters you can use in a password. This is ridiculous and downright reckless on their part. Most noticeably (probably because I ran into it this week) the popular credit card processor Authorize.Net doesn't let you use certain special characters in your password. On a website dedicated to security. That secures credit card information.

Also, under no circumstances should a Forgot Your Password function ever provide you with your current password. It should always, always, always force you to change it to a new password. If a website can provide you with your current password, it means they are not storing it in a secure way. Call them out in public on Twitter. Money talks - take your business elsewhere if necessary.

Summary

Hackers are always looking for the easiest targets. If they need to spend too much time on you they will more than likely move along to the next person. A few safeguards can make you infinitely more secure on the internet. Have any questions or suggestions? Post them below. Like I mentioned, I'm not security expert but I can try to get you pointed in the right direction.

2014 BarCampCV

2014-02-09T00:00:00+00:00

BarCamp Cedar Valley was February 1 at the UNI campus. This was the third event we've put on and was by far my favorite. If you haven't attended a BarCamp and are interested, I would recommend following our Twitter account to keep up with the latest information. If you curious about what BarCamp is all about, I would suggest reading What Is Barcamp? from our website.

Planning The Event

I'm lucky to be part of a great leadership group that helps plan this event. Like I mentioned, this was our third event so we've worked out a lot of the kinks. We didn't have any locked door, no lights, or lost reservation incidents like previous BarCamps. One of the things we really needed to tackle this time was making our website mobile-friendly. When we originally created it we found a cheap WordPress theme and it was dated and didn't work at all on mobile.

To do this, I used Initializr to create a solid website base, integrated it into an ASP.NET MVC project, found a basic theme on http://startbootstrap.com/, and pulled it all together. The site was mostly responsive but there were a few minor issues. Thanks to Far Reach for hosting our site. While it was fun to pull all these items together, it really was overkill for what we needed and next time I think next time I'll just throw together a site on GitHub Pages using one of their built-in templates.

I'm always impressed with the level of financial support from area businesses to sponsor events like these. Among our great sponsors this year were Far Reach, UNI Innovation Incubator, Kyoger, Veridian, VGM Forbin, Visual Logic Group, Strategic Imaging, and Greater Cedar Valley Alliance & Chamber. It really takes a load off the organizers' backs when great supporters such as these step up to help. Thanks a lot!

Another thing we were concerned about was attendance numbers. Our first event in 2013 was wildly successful, drawing in over 100 attendees. We had great feedback from the event, so much so that we decided to do another event in the fall of 2013. Unfortunately the 2nd event only drew less than 40 attendees, and we were leery of doing another event. We (obviously) decided to plan a 2014 event, hoping to capitalize on everybody's cabin fever. We definitely made the right choice as we had over 60 attendees even in the poor weather conditions. I think we're planning on maintaining a yearly event every February.

My Talk: Recharging Your Battery - Avoiding Tech Burnout

Since the tech track was slow to fill, I decided to do a talk about burnout as I was currently feeling a little burnt out. It was the first talk of the day and there was a great crowd. I led with things I do to recharge my battery, including charity work, working with the community, and attending events. The crowd took over the conversation (which is what I was hoping for) and there was a good discussion about work-life balance. One great suggestion that I need to do is to write every pending issue and work item on a list and leave it at my desk every night. I'm hoping that this approach cuts down on my stress at night and helps me to focus on my family.

In my talk I mentioned a great presentation by Cory House from Iowa Code Camp on being an outlier in your career. After seeing this presentation I was definitely inspired to shake myself out the negative funk I was currently in. Just this week I saw that Cory is developing a video training session on the same topic for Pluralsight due to be released in April, so I recommend keeping your eyes on that.

Takeaways

As mentioned before, I'm going to try doing a brain dump to a list at the end of each workday. I'm hoping this cuts down on me sitting around worrying at nights about impending deadlines, challenges, or other work-related stress. I also learned about a new area user group: Cedar Valley Makers. I need to check out a meeting sometime.

I was very please to learn that Kevin Shannon was working on a charity hackathon in the Des Moines area. I shared some ideas from our Operation: Make A Difference initiative at work. I hope what he's planning works out for my schedule because I'd definitely like to participate.

Summary

I'm not sure exactly why, but this BarCamp was my favorite so far. I was lucky to meet Kyoger people Trevor Carlson and Trace Steffen. I was able to catch up with Zach Everman and Jaymie Feldman. There were few issues other than delayed t-shirt delivery and trying to transport nine platters of Pita Pit food by myself in my truck on rough roads. I'm really looking forward to next year's event. If you'd like any info on BarCamp or are interested in helping coordinate, sponsor, or speak at a future BarCamp I encourage you to reach out for information.

Entity Framework 6 New Features

2014-01-09T00:00:00+00:00

Read on the Far Reach blog

Entity Framework: Reverse Engineer Code First

2013-11-21T00:00:00+00:00

Read on the Far Reach blog

Entity Framework Migrations

2013-11-07T00:00:00+00:00

Read on the Far Reach blog

Entity Framework Model Mappings

2013-10-10T00:00:00+00:00

Read on the Far Reach blog

Entity Framework Query Optimizations

2013-09-26T00:00:00+00:00

Read on the Far Reach blog